You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The version 2.3.1 security update appears to require custom post types to have public=true in order to be favorited. While I understand the rationale behind this, there are certain narrow circumstances in which it's appropriate for a custom post type to have public=false, but publicly_queryable=true; this is the scenario I'm running into with one of my projects.
Would there by any negative security implications to modifying the plugin to require publicly_queryable=true rather than public=true for posts to be favoritable? (I believe this is enforced in PostTypeRepository.php)
The text was updated successfully, but these errors were encountered:
Hi.
The version 2.3.1 security update appears to require custom post types to have public=true in order to be favorited. While I understand the rationale behind this, there are certain narrow circumstances in which it's appropriate for a custom post type to have public=false, but publicly_queryable=true; this is the scenario I'm running into with one of my projects.
Would there by any negative security implications to modifying the plugin to require publicly_queryable=true rather than public=true for posts to be favoritable? (I believe this is enforced in PostTypeRepository.php)
The text was updated successfully, but these errors were encountered: